HP
Code: HP2-N28
Exam Name: Selling HP Fortify
Security Assurance Solutions
Question: 1
|
In the Software Security Assurance Maturity Spectrum, which statement is true for the "Fortify (Prevention)" phase?
A. The security team is responsible for application security, and the development team supports their effort.
B. The development team is responsible for application security with little or no support from the security team.
C. The security team is responsible for application security with little or no support from the development team.
D. The development team shares responsibility for application security, and the security team supports their effort.
Answer: A
|
Question: 2
|
Match the common business drivers for HP Fortify with the customer situation to which they best apply.
Answer:
|
Question: 3
|
In which stage of the development lifecycle does the implementation of an HP Fortify solution provide the highest ROI?
A. Development
B. Performance
C. Testing
D. Production
Answer: C
|
Question: 4
|
What are elements of a reactive approach to application security?
A. Security testing is performed before deployment, and security gates are agreed upon (jointly implemented) by the security and development teams.
B. Security testing is embedded into the SDLC, the security and the development teams work together as a single team.
C. Security testing is performed in production by customers or ad-hoc testers, and the development team is tasked with code fixes.
D. Security testing is performed in production, and the operations team is responsible for security monitoring and code fixes.
Answer: C
|
Question: 5
|
What are typical business drivers for HP Fortify solutions? (Select two.)
A. Suffered security breach
B. Compliance program
C. Reported performance issues
D. SLA improvement initiative
E. Cost reduction
Answer: B, E
|
No comments:
Post a Comment